Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/hpr9OiB5kExvHF9P87-IxyAxcbA.roa
File: hpr9OiB5kExvHF9P87-IxyAxcbA.roa (raw, json)
Hash identifier: ugp35Q9FpREx/guaPiUPaHu97W6sUqLWgVqQ25skvxc=
Subject key identifier: 86:9A:FD:3A:20:79:90:4C:6F:1C:5F:4F:F3:BF:88:C7:20:31:71:B0
Certificate issuer: /CN=6dfc1438ee0815a9bf8b73f9a7ced094f21ac79e
Certificate serial: 0187EBC31BDAA66993845FCC77BDFCD2C0B6
Authority key identifier: 6D:FC:14:38:EE:08:15:A9:BF:8B:73:F9:A7:CE:D0:94:F2:1A:C7:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfwUOO4IFam_i3P5p87QlPIax54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/hpr9OiB5kExvHF9P87-IxyAxcbA.roa
Signing time: Fri 05 May 2023 11:54:05 +0000
ROA not before: Fri 05 May 2023 11:54:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43256
IP address blocks: 217.171.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:eb:c3:1b:da:a6:69:93:84:5f:cc:77:bd:fc:d2:c0:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dfc1438ee0815a9bf8b73f9a7ced094f21ac79e
Validity
Not Before: May 5 11:54:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=869afd3a2079904c6f1c5f4ff3bf88c7203171b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:71:70:9a:72:41:6d:36:2b:84:d9:05:fc:ed:
32:8f:40:92:f7:e0:f8:0c:91:2d:41:fe:d2:bb:a6:
23:36:41:fa:46:fe:81:5f:bc:cc:ff:d2:95:fb:78:
59:db:c1:e3:43:4f:ac:3f:9b:77:1a:11:ab:c5:80:
78:fd:1c:84:d6:95:ed:d7:0f:fe:d7:5c:ff:74:b6:
2d:ca:45:2d:bc:53:26:94:40:73:f9:0e:1d:af:ff:
a8:45:0a:d8:12:6c:e0:c5:b9:e6:63:71:a9:c5:22:
0c:2f:f7:da:f0:9d:68:de:ce:4a:f6:d8:79:15:40:
ed:2c:97:f5:3d:70:22:6f:21:36:7a:b6:5f:0a:4c:
9c:ea:46:6f:16:52:ca:30:47:1b:f3:16:b2:d4:27:
20:c0:cf:fc:6f:a0:58:79:ad:b0:2c:a0:19:2e:94:
c2:fa:17:e4:0a:8e:b8:f7:a4:1e:ea:06:c7:e2:61:
da:30:98:28:5c:ea:82:fb:e4:40:29:63:5c:6a:02:
31:83:48:db:ac:73:47:1d:91:75:43:25:55:fe:36:
74:fc:3e:f6:1e:92:c4:21:77:5b:69:2b:fb:c5:88:
03:2a:b5:33:ac:ac:ab:93:0f:73:59:5b:1b:64:1f:
8e:f0:f0:f9:fa:c4:34:ba:ef:04:c1:fc:16:ac:e8:
ad:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:9A:FD:3A:20:79:90:4C:6F:1C:5F:4F:F3:BF:88:C7:20:31:71:B0
X509v3 Authority Key Identifier:
keyid:6D:FC:14:38:EE:08:15:A9:BF:8B:73:F9:A7:CE:D0:94:F2:1A:C7:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfwUOO4IFam_i3P5p87QlPIax54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/hpr9OiB5kExvHF9P87-IxyAxcbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/bfwUOO4IFam_i3P5p87QlPIax54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.171.91.0/24
Signature Algorithm: sha256WithRSAEncryption
67:81:c8:cf:1c:18:d3:24:d3:73:70:81:0c:9b:e1:59:20:b9:
e8:e4:01:a9:c1:f3:69:3a:ca:34:b5:be:5e:57:97:49:32:5e:
8c:50:e8:89:dc:14:88:df:ee:63:f9:0e:56:b8:4e:b2:92:b0:
b1:d5:57:8d:50:0a:b3:62:8a:ab:f0:c8:25:99:49:17:72:b8:
48:bf:30:1d:35:3e:68:9e:7a:6f:54:d0:15:d4:8c:2a:cf:7c:
a5:51:e5:5a:70:12:6d:cc:45:b6:c4:d8:4c:d1:e8:f9:82:e4:
9b:a5:50:bf:92:14:92:b4:40:d4:5d:47:ce:d5:b5:dc:cf:fe:
52:61:e6:19:39:b6:bb:71:5b:14:34:c0:8b:bf:94:f1:e8:4b:
9e:0e:bf:ea:17:01:1d:e6:2a:9b:9b:89:5d:f8:1b:74:56:ea:
09:dc:86:22:62:ab:5c:01:e0:15:ce:36:0d:2c:2f:b0:a5:96:
80:20:97:1e:33:b9:d2:2c:91:3a:e5:28:9f:37:db:87:88:ea:
f7:ed:8e:b1:c3:c8:29:25:e9:66:1e:a4:76:f6:fb:49:41:41:
85:ef:bb:6b:0a:eb:14:91:72:56:16:bc:8c:a6:ec:53:45:7a:
c1:51:45:3c:b2:1a:ec:ca:ff:15:cd:74:ae:45:2c:c9:96:99:
82:8d:ed:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfrwxvapmmThF/Md7380sC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZmMxNDM4ZWUwODE1YTliZjhiNzNmOWE3Y2VkMDk0ZjIx
YWM3OWUwHhcNMjMwNTA1MTE1NDA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjlhZmQzYTIwNzk5MDRjNmYxYzVmNGZmM2JmODhjNzIwMzE3MWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9XFwmnJBbTYrhNkF/O0yj0CS9+D4
DJEtQf7Su6YjNkH6Rv6BX7zM/9KV+3hZ28HjQ0+sP5t3GhGrxYB4/RyE1pXt1w/+
11z/dLYtykUtvFMmlEBz+Q4dr/+oRQrYEmzgxbnmY3GpxSIML/fa8J1o3s5K9th5
FUDtLJf1PXAibyE2erZfCkyc6kZvFlLKMEcb8xay1CcgwM/8b6BYea2wLKAZLpTC
+hfkCo6496Qe6gbH4mHaMJgoXOqC++RAKWNcagIxg0jbrHNHHZF1QyVV/jZ0/D72
HpLEIXdbaSv7xYgDKrUzrKyrkw9zWVsbZB+O8PD5+sQ0uu8EwfwWrOitfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIaa/TogeZBMbxxfT/O/iMcgMXGwMB8GA1UdIwQY
MBaAFG38FDjuCBWpv4tz+afO0JTyGseeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZ3VU9PNElGYW1faTNQNXA4N1FsUElheDU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yZjk4Y2ItNmQ5NC00OGExLThkYmEt
ZDY0Njc2N2M1ZjEzLzEvaHByOU9pQjVrRXh2SEY5UDg3LUl4eUF4Y2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yZjk4Y2ItNmQ5NC00OGExLThkYmEtZDY0Njc2N2M1ZjEz
LzEvYmZ3VU9PNElGYW1faTNQNXA4N1FsUElheDU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2atbMA0G
CSqGSIb3DQEBCwUAA4IBAQBngcjPHBjTJNNzcIEMm+FZILno5AGpwfNpOso0tb5e
V5dJMl6MUOiJ3BSI3+5j+Q5WuE6ykrCx1VeNUAqzYoqr8MglmUkXcrhIvzAdNT5o
nnpvVNAV1Iwqz3ylUeVacBJtzEW2xNhM0ej5guSbpVC/khSStEDUXUfO1bXcz/5S
YeYZOba7cVsUNMCLv5Tx6EueDr/qFwEd5iqbm4ld+Bt0VuoJ3IYiYqtcAeAVzjYN
LC+wpZaAIJceM7nSLJE65SifN9uHiOr37Y6xw8gpJelmHqR29vtJQUGF77trCusU
kXJWFryMpuxTRXrBUUU8shrsyv8VzXSuRSzJlpmCje3p
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:04 2024 by rpki-client on console-fra.rpki-client.org